Getting to grips with Office 365 Message Encryption

As part of my work this week with Exchange transport rules, I needed to recreate another facility that my customer has grown used to in Office 365 – the ability to selectively encrypt emails using keywords.

This one turned out to be relatively straightforward – Office 365 Message Encryption has been around for a while now (it replaced Exchange Hosted Encryption) and I was able to use a transport rule to detect a phrase in the subject or body (“encrypt me please”) and apply Office 365 Message Encryption accordingly. I could equally have done this based on other criteria (for example, I suggest that any message marked as confidential and sent externally would be a good candidate).

So, the rule is fairly simple:

New-TransportRule -Name 'Encrypt email on request' -Comments ' ' -Mode Enforce -SubjectOrBodyContainsWords 'encrypt me please' -ApplyOME $true

Office 365 Message Encryption needs Azure RMS

The challenge for me was that I wasn’t creating it in PowerShell – I was using the Exchange Admin Center and the appropriate options weren’t visible. That’s because Office 365 Message Encryption needs Azure Rights Management Services (RMS) to be enabled, and it’s necessary to use the More Options link to expose the option to Modify the Message Security… from which it’s possible to Apply Office 365 Message Encryption.

Unfortunately that still didn’t work and the resulting error message was:

You can’t create a rule containing the ApplyOME or RemoveOME action because IRM licensing is disabled.

It seems it’s not just a case of enabling RMS in the service settings. I also needed to run the following commands in PowerShell:

Set-IRMConfiguration –RMSOnlineKeySharingLocation “https://sp-rms.eu.aadrm.com/TenantManagement/ServicePartner.svc”

(that’s the European command – there are alternative locations for other regions listed in the post I used to help me)

Import-RMSTrustedPublishingDomain -RMSOnline -name "RMS Online"
Test-IRMConfiguration -RMSOnline

(check everything passes)

Set-IRMConfiguration -InternalLicensingEnabled $true

With RMS/Information Rights Management (IRM) properly enabled I could create the rule as intended.

Customising the experience

Testing my rule was easy enough, but it’s also possible to customise the portal that recipients go to in order to read the encrypted message.

This is all done in PowerShell, with some simple commands:

Get-OMEConfiguration provides the current Office 365 Message Encryption configuration and to set the configuration to meet my requirements, I used:

Set-OMEConfiguration -Identity "OME Configuration" -Image (Get-Content "markwilsonitlogo.png" -Encoding byte) -PortalText "markwilson.it Secure Email Portal" -EmailText "Encrypted message from markwilson.it"

The tricky bit was working out how to provide the logo file as just the filename creates a PowerShell error and the Get-Content cmdlet has to be used to encode the file.

Further reading

Office 365 Message Encryption (and decryption) – steps – understanding, purchase options, configuration, branding and use.

Exchange transport rules to detect audio/video attachments

After my fun creating a profanity filter for Exchange Online earlier this week, my attention turned to some of the other rules that my customer needed re-creating in preparation for the move to Office 365. Most were fairly straightforward blocks on certain domains/addresses or using the normal templates to prevent financial data from being leaked, etc. but then I found another one that I’d expect to be in included in Exchange Online Protection, but isn’t: copying any audio/video files emailed from within the organisation to a defined mailbox.

The rule itself is quite simple, but the number of file extensions involved meant I actually needed 4 rules to avoid this error message:

The rule can’t be created because it is too large. It has 9028 characters, and the maximum number of characters is 8192.

Reduce the size, either by removing content, such as words or regular expressions, from the rule; or by removing conditions, exceptions, or actions from the rule.

After chunking the attachment extensions, the final Exchange transport rules used to to detect audio/video attachments were:

New-TransportRule "Notify Security if outbound email contains audio (1)" -AttachmentExtensionMatchesWords 'afc','vag','copy','vdj','sng','aob','act','ang','nra','hsb','rfl','sma','smp','syh','vyf','acm','at3','vmd','aimppl','nvf','saf','xfs','ins','alac','mod','omf','sfk','als','caf','gp5','wav','mp3','pla','abm','aup','wma','acd-zip','amxd','dmsa','dmse','emp','logicx','m4r','midi','ptx','rns','rx2','slp','trak','5xb','a2b','a2i','agr','akp','asd','bnk','bun','bww','csh','dfc','dsm','dtm','fev','flp','frg','g726','gsm','h5b','h5s','isma','krz','ksf','mbr','mmlp','mpga','mtp','musx','nkc','nkm','omg','pkf','r1m','rex','rip','rol','sbi','sfpack','smf','sseq','svd','syw','tg','u','uax','vpl','zvd','0.669','eop','mus','sf2','mid','ksd','aif','flp','oga','pcg','sty','dig','mscz','ogg','m3u','flac','sib','aiff','syx','zab','dss','gpk','xspf','mui','vlc','nbs','5xe','logic','minigsf','sd','sdat','wve','ins','cda','ram','aac','iff','nki','wave','wpk','dff','amr','3ga','dcf','aud','cwt','dls','ds2','flm','nsa','it','pcm','pho','q1','sns','sph','xwb','dsp','sam','u8','wand','ym','ac3','oma','sds','stm','acd','dsf','cpr','xa','m3u8','ftm','4mp','apl','cwp','cws','gpbank','gsflib','med','mo3','mx5','ply','qcp','rmj','w64','ahx','au','b4s','h0','h3e','hbb','hbs','ins','kit','kmp','ksc','mdl','mu3','phy','q2','sbg','sfap0','smp','toc','vgz','vmf','zpa','2sf','m4a','ds','nsf','sesx','ape','fls','mus','emx','pcast','dtshd','mmm','peak','vox','bmml','mscx','xmf','rtm','pls','sfl','xm','avastsounds','snd','voc','wax','wpp','ra','cdr','seq','gpx','au','aa','m4b','odm','mpa','amz','5xs','a2m','abc','acd-bak','adts','agm','aifc','alc','amf','band','bap','bdd','bidule','bwf','caff','cdda','cdlx','cdo','cel','cgrp','cidb','ckb','conform','cpt','cwb','dct','dewf','df2','dig','dm','dmf','dra','drg','dwd','efk','efq','efs','efv','emd','esps','f2r','f32','f3r','f4a','f64','fdp','fsb','fsc','fsm','ftm','ftmx','fzf','fzv','g721','gig','groove','gsf','h4b','hbe','igp','iti','koz','koz','kt3','la','lso','lwv','m4p','ma1','mdc','mgv','miniusf','mka','mmp','mmpz','mpc','mte','mti','mtm','mus','mux','narrative','nkb','nks','nkx','nml','note','nrt','nst','ntn','nwc','obw','okt','omx','ovw','pandora','pca','pek','pna','psm','ptm','pts','rax','rgrp','rmi','rmx','rng','rso','rti','s3i','sc2','scs11','sd2','sfz','sgp','smpx','sou','sppack','sprg','stap','sty','sxt','syn','td0','tta','txw','ult','uni','usf','usflib','ust','uw','uwf','vap','vc3','vmo','voxal','vpm','vpw','vrf','vsq','wfb','wfm','wfp','wow','wproj','wrk','wus','wut','wv','wvc','wwu','xmu','xrns','yookoo','adv','cmf','dmc','gmc','mp_','ppcx','sbk','sid','sng','vgm','6cm','8med','a52','al','d01','evr','fda' -GenerateIncidentReport security
New-TransportRule "Notify Security if outbound email contains audio (2)" -AttachmentExtensionMatchesWords 'gsm','kin','mini2sf','pd','prg','record','rmf','tmc','tun','wyz','xp','xt','kar','vb','wem','adg','dts','kfn','pk','mxl','mtf','ncw','dw','igr','vce','ddt','k25','sf','dvf','aa3','adt','fpa','h5e''mpdp','ove','rbs','sd','slx','stx','swa','vsqx','w01','zpl','mmp','opus','ppc','rsf','sdt','wav','xa','xpf','xsb','brstm','tak','ptf','efa','g723','mmf','s3m','sap','vqf','2sflib','avr','ear','mp1','dcm','ay','zvr','pat','ams','cts','gbs','ics','k26','mp2','mts','myr','ots','psf','rsn','ses','shn','snd','a2p','a2t','a2w','ab','acp','ais','alaw','all','apf','aria','ariax','axa','bwg','c01','ckf','djr','efe','emy','erb','far','fti','gbproj','gym','h3b','h4e','hdp','iaa','imp','itls','its','jam','jam','kpl','kt2','l','lof','lqt','m','m1a','m2','minipsf','minipsf2','mogg','mpu','mt2','mux','mx3','mx4','mx5template','npl','ofr','ovw','pbf','pjunoxl','plst','pno','prg','psf1','psf2','psy','ptcop','pvc','rad','raw','rbs','rcy','rmm','rta','rts','rvx','s3z','sd2f','spx','sseq','ssnd','svq','svx','thx','tsp','ub','ulaw','v2m','vmf','vtx','wtpl','wtpt','xbmml','xmi','xmz','xsp','zgr','atrac','box','fzb','hmi','imf','sdx','aax','sb','cfa','mxmf','pac','d00','8svx','ams','wfd','msv','xi','nmsv','ase','awb','expressionmap','hma','hps','mlp','mzp','sfs','snd','tak','8cm','gm','lvp','bcs','bonk','cfxr','dwa','fff','gio','gio','gro','jo','jo-7z','ksm','ktp','minincsf','mt9','musa','muz','mwand','mws','nap','orc','pmpl','r','sdii','seg','snsf','sth','sti','stw','sw','swav','syn','tfmx','tm2','tm8','ulw','val','voi' -GenerateIncidentReport security
New-TransportRule "Notify Security if outbound email contains video (1)" -AttachmentExtensionMatchesWords 'aep','dzp','viv','vro','mp4.infovid','scm','dir','rms','wlmp','dzm','mswmm','amc','psh','3gp','veg','sfd','trp','wpl','m2p','ntp','aaf','bdmv','d3v','dck','gcs','ivr','m21','mk3d','mproj','msdvd','rdb','rmp','rv','screenflow','sec','swt','trec','usm','vcpf','viewlet','xej','dnc','ivf','playlist','spl','wm','bik','swf','webm','dcr','mani','prproj','wp3','mkv','avi','fbr','gfp','srt','piv','3gp2','bu','mpeg','wmv','scc','meta','gvi','vob','m4v','aepx','dzt','ts','ism','swi','amx','m2ts','rec','rmd','vpj','g64','mmv','ifo','wve','cpi','vp6','mov','vsp','mp4','mpg','hdmov','fcp','ogm','sbk','vc1','vgz','wmx','xesc','zm3','bnp','k3g','lvix','vp3','bin','mob','dmx','kmv','flv','par','vid','rmvb','dcr','tp','xvid','mnv','str','asf','bdm','camproj','mxf','yuv','0.89','avchd','dat','m1pg','mvd','roq','tsp','wmmp','ddat','f4f','imovielibrary','lsx','proqc','qt','sbt','video','yog','f4v','mts','3gpp','3mm','r3d','dav','smv','ogv','nvc','h264','3g2','dvdmedia','fcproject','ismv','sqz','tix','clpi','f4p','fli','hdv','m2t','mvp','nsv','rsx','smk','thp','ttxt','inp','mvc','m15','0.264','lrv','mvp','wmd','camrec','dxr','divx','stx','aetx','vep','dv4','db2','mpeg4','pds','mod','aec','ajp','dv','sfera','dvr','pmf','ced','dash','rm','ale','avp','bsf','dmsm','dream','imovieproj','otrkey','3p2','arcut','avb','avv','bdt3','bmc','cine','cip','cmmtpl','cmrec','cst','d2v','dce','dmsd','dmss','dpa','evo','eyetv','fbz','flc','flh','fpdx','ftc','gts','hkm','imoviemobile','imovieproject','ircp','ismc','izz','izzy','jss','jts','jtv','kdenlive','m21','m2v','mj2','mp21','mpgindex','mpls','mpv','mse','mtv','mve','mxv','ncor','nuv','ogx','pac','photoshow','plproj','ppj','prel','prtl','pxv','qtl','qtz','rcd','rum','rvid','rvl','sdv','sedprj','seq','sfvidcap','siv','smi','svi','tda3mt','tivo','tp0','tpd','tpr','tvlayer','tvs','tvshow','usf','vbc','vcv','vdo','vdr','vfz','vlab','vtt','wcp','wvx','wxp','xfl','xlmv','y4m','zm1','zm2','exo','lrec','mp4v','mys','vcr','w32','am','aqt','cvc','gom','mpeg1','mpv2','orv','rmv','ssm','zeg','arf','moi','zmv','wtv','mjp','gifv','mpe','dpg','mpl','rcproject','amv','tod','60d','moff','mp2v','tdt','dvr-ms','bmk','asx','edl','smil','snagproj','cmmp','dv-avi','eye','mgv','mp21','pgi','pro','stl','xml','avs','box','int','irf','scn','sml','ismclip','avs','evo','smi','awlive','m4e','mpg2','tdx','vivo','movie','vf','3gpp2','psb','axm','cmproj','dmsd3d','dvx','ezt','ffm','mqv','mvy','vp7','xel','aet','anx','avc','avd','axv','bdt2','bs4','bvr','byu','camv','cmv','cx3','dlx','dmb','dmsm3d','fbr','fcarch','ffd','flx','gvp','iva','jmv','ktn','m1v','m2a','m4u','mjpg','mpsub','mvex','osp','pns','pro4dvd','pro5dvd','pssd','pva','qtch' -GenerateIncidentReport security
New-TransportRule "Notify Security if outbound email contains video (2)" -AttachmentExtensionMatchesWords 'qtindex','qtm','rp','rts','theater','tid','tvrecording','vem','vfw','vix','vs4','vse','wot','xmv','mvb','nut','pjs','sec','0.787','ssf','mpl','clk','dif','vft','vmlt','anim','grasp','moov','pvr','vmlf','modd','bix','cel','dsy','gl','ivs','lsf','m75','mpf','msh','pmv','rmd','rts','scm','vdx' -GenerateIncidentReport security

The file extension lists are taken from fileinfo.com (audio and video).

It should also be noted that these rules are fairly simple – they are only looking at the file extension name and not the actual contents of the message.

Creating an Office 365 profanity filter (works for Exchange too)

As part of recreating the rules that my customer currently has set up with a popular cloud-based message hygiene platform, I needed to create an Office 365 profanity filter for Exchange Online. Believe it or not, there isn’t one built into the product (it disappeared with BPOS) but you can do some interesting things with DLP classification rules and policies.

I’d like to publish the exact steps here but I can’t, for commercial reasons. What I can do though is signpost some useful resources:

Once you’ve created a policy you can apply it in PowerShell with:

New-ClassificationRuleCollection –FileData ([Byte[]]$(Get-Content -path ProfanityPolicy.xml -Encoding byte -ReadCount 0))

If you need to update it then the cmdlet is Set-ClassificationRuleCollection and if you want to take it out again, Remove-ClassificationRuleCollection will do the trick.

With the classification in place, you can create rules that use the policy. In my case, one to block emails containing sensitive content (i.e. a list of pre-defined words) and send an incident report to a defined mailbox.

Even though I was working with Exchange Online (v15), the same process will work for Exchange Server 2013 and, presumably 2016 when it comes…

Finally, one gotcha I found (well, it was a user error really):

  • I thought my rule wasn’t working. When I later logged into the shared mailbox that blocked messages were copied to, I found copies of the messages I’d been sending for quite a while. My confusion was because I’d been testing with Policy Tips (which seemed a bit hit and miss in OWA) and that doesn’t actually block the message (doh!). As soon as I enforced the rule, my rude messages started bouncing back as expected…

NDR from message blocked by Office 365 profanity filter

Short takes: Excel tips to display the worksheet name and validate data; editing Microsoft Project files stored on SharePoint; and an XPS to PDF conversion service

Another collection of mini-posts based on recent IT trials and tribulations…

Excel tips to display the worksheet name in a cell and to validate data

Last week, I was working on an Excel spreadsheet that acts as a plan for a series of tests. Each sheet has the same format, with some conditional formatting and associated logic to total up passes/fails and give a RAG score for the sheet. Those RAG scores are presented in an overview page – and data is copied between cells so that information is only populated once but appears on every sheet.  I’m quite pleased with the result but I did need to work a little on some of the tricks.

Firstly, data validation in lists (for the pass/fail). This is fairly straightforward but I usually forget how to do it so it’s worth reading the TechNet Productivity Hub post on restricting data entry in Excel with lists.

The second trick was to read the name of each worksheet and use that information in a cell (so I could name a worksheet after a set of tests, and see that name displayed as a header on the page too). Here, the SuperUser site came to the rescue and the code I needed in the cell was:

=RIGHT(CELL("filename",A1),LEN(CELL("filename",A1))-FIND("]",CELL("filename",A1),1))

Incidentally, I also needed to look something up that I’ve blogged about previously: if a cell shows the formula rather than the result, check the formatting is General and not Text.

Editing Microsoft Project files stored on SharePoint

Much as I try, it seems I can’t avoid working with Microsoft Project. Unfortunately, when working directly from SharePoint the files are opened read-only. The answer, it seems, is to work on a synchronised local copy – as described by Victor Butuza on his Microsoft Office SharePoint blog.

XPS to PDF conversion web service

Every now and again, I find myself wanting to create a PDF from an email, just to upload a receipt to Xero (the expenses system I use at work). Unfortunately Xero isn’t happy with XPS files – and Windows 8.1/Outlook don’t create PDFs, but a quick Internet search turned up XPS2PDF, a simple, fast and apparently secure way to convert my files.  There’s an API for those who want to make the conversion programmatically too.

One man’s battle with unlocking his Skype account…

I’ve blogged and tweeted many times about identity in the Microsoft cloud (“Microsoft accounts” vs. “work or school accounts”, formerly known as “organizational accounts”) but I completely forgot another set of credentials – Skype accounts, an anomaly from before Skype was bought by Microsoft but which should have been killed off by now… Then, a few weeks ago, I got an email from Skype (noreply@notifications.skype.com) to say that

“At Skype, we take customer safety and security very seriously. We have identified a potential compromise with your Skype account: […] and we have temporarily suspended access until you reset the account’s password.”

A day later (possibly after I followed the advice in the first email, I can’t remember now), I got another email

“The password for the Skype account: […] was recently changed. If you requested this change then you can ignore this email. If this wasn’t you, your account may have been compromised. Please follow these steps to reset your password.”

Never mind, I thought, I’ll just click the link (after checking it’s genuine) and reset my password then.

No. It’s not that simple.

I then entered a bizarre process of answering questions and then going into a hold loop for about 24 hours before someone checks your responses and effectively says “you’re in”, or “no, try again”. There’s no number to call, no person to speak to, but there appears to be a human element to the process. The official response from Skype Customer Support is: “Unfortunately I am not able to check on the details on your account because you did not pass the verification”. I can get access to my bank account with the right combination of mother’s maiden name, place of birth etc. but to unlock my Skype account I need:

  • Country
  • Language
  • First name
  • Last name
  • Email address
  • Email address provided when registered
  • Date when I created my Skype account (mm/yy)
  • Five names from my Contacts list
  • Name (first and last) provided when registering for my account
  • Country selected when registered

And optionally:

  • If you used a credit card, please provide any two of the first six digits of the credit card number and any two of the last four digits of the credit card number.
  • If you used PayPal or Skrill, please provide the email address that is associated with your PayPal or Skrill account.
  • If you used another payment method, please specify which one you used.
  • What is your date of birth (dd/mm/yy)?
  • What is the total cost of a recent order that you have made?
  • On what date did you place the recent order (dd/mm/yy)?
  • Please provide two phone numbers that you have recently called or contacted using Skype.
  • What is your full billing address?

I’ve had my Skype account for so long now that Microsoft possibly don’t have a record of when it was created. I certainly don’t know exactly when I did it (I probably used an old work email address and I don’t have any of the associated emails) but I can be sure it was more than 10 years ago. I’ve never topped up my Skype account with credit (I don’t use it to make paid calls). And I’ve repeatedly failed the verification checks to unlock my account. My last-ditch attempt was to answer just the mandatory questions and hope I get the month/year right. I may need a few more attempts yet for a brute force attack… Security is great, but when the service provider locks the account for you, and then won’t let you back in, it’s not so good. Skype’s official advice is to open a new account. With a name like Mark Wilson it’s pretty hard to get a decent username. I have a really good Skype username (my name) and I still live in hope of one day being able to answer the questions I need to get it back. In the meantime, thankfully, my Microsoft account credentials still work with Skype…

Purple spot next to Skype for Business presence information

I noticed a couple of days ago that my Skype for Business presence information was accompanied by a purple dot/spot. I hadn’t seen this before and I wondered what it meant. Unfortunately, I couldn’t find anything on the ‘net.

Purple spot next to Skype for Business presence information

My colleague Brian Cain (@BrianCainUC) clearly has better googling (ahem, Binging) skills than I, because he found Microsoft knowledge base article 3072756, describing a change that explains the phenomenon.

It seems that, since the 14 July 2015 update for the Microsoft (Lync 2013) Skype for Business client, when a calendar shows a user as Out of Office (i.e. the appointment status, not to be confused with an Automatic reply message from Exchange), the purple spot appears next to the Skype for Business presence information when they are online anyway…

I regularly add time into my Calendar for when I’m travelling (and mark it as Out of Office) but if my travel plans change (or I’m running late) I might still be online in Skype for Business and that’s what causes the purple spot to be displayed.

The article also describes some other changes in behaviour that might lead to a purple arrow being shown where the presence indicator normally is.

Incidentally, whilst researching this, I also found a useful FAQ about presence and pictures in Lync (Skype for Business) that may be worth a read.

Using the Microsoft Project calendar to block out time when people are not available

I hate Microsoft Project.

I mean, as a tool it’s OK, but it’s idiosyncratic and time-consuming to use; and even copying/pasting information is not as straightforward as it should be. Besides which, far too many people confuse a Gantt Chart with a project plan… and I blame Microsoft Project for that…

When I was at Fujitsu, I avoided having Project on my PC. If I didn’t have a license, I couldn’t edit plans… I could only view them. Unfortunately I can’t get away with that any more and, tonight, I lost most of the evening to some edits that went wrong with tasks getting split across days (I think I changed the working hours to reflect the hours we really work… but that messed something else up).

Anyway, I digress. Something I did find this evening was a really useful article describing how to change the working days for a Microsoft Project calendar. Using this I could not only add bank holidays that were missing in the standard calendar, but add the days that I’m not available to work on the project – for example because of annual leave, or other client commitments – so that the plan couldn’t allocate tasks to me on days I’m not booked to that customer.  You can also edit dates that people are available to work on a project directly (I don’t like referring to people as “resources”) but that doesn’t take into account odd days here and there of non-available time.

Next time though, I’ll leave editing the plan to the Engagement Managers…

Unable to boot from USB flash drive on a Lenovo PC (to install Windows 10)

Yesterday, I wrote about not having to wait for Windows 10 to be advertised to my PCs and downloading the software directly instead. Unfortunately, things didn’t turn out to be quite that simple.

Overnight, both the Windows 8.1 PCs in our house decided that Windows 10 was ready (I clearly need to be more patient) but my 10 year-old son wanted to perform the upgrade (he’s a trainee geek) so, I waited for him to come home tonight before we tried it out. Because I’d already downloaded the media I thought I could skip bringing almost 3GB down over my ADSL line and boot from USB but we had a little trouble along the way…

I’d prepared a USB flash drive from the Windows 10 .ISO file using Rufus but our family PC (a Lenovo IdeaPad Flex 15) didn’t want to boot from it.

First of all, I had to work out the boot menu key combination (F12) but, even then, the boot menu only wanted to boot from the network, or from the local hard drive. I checked the BIOS (F1 at boot) and USB boot was enabled. Following Lenovo support article HT076906 (How to enter Setup Utility (F1) or Boot Menu (F12) on a Microsoft Windows 8/8.1 preloaded PC), I tried various combinations to reboot the machine (including Shift+Shutdown for a full shutdown and Shift+Restart for Windows boot options) but nothing was helping to boot from USB.

I tried recreating my media using different partition schemes for UEFI but that didn’t work either. So I followed Lenovo support article HT078684 (Cannot Boot From a USB Key – Idea Notebooks/Desktops) to:

  1. Run cmd.exe with Administrator privileges.
  2. Insert the target USB boot media device into an available USB port.
  3. Type:
    diskpart
    list disk (and make note of the disk number of the target USB drive)
    select disk n (where n is the target USB drive noted earlier)
    clean
    create partition primary
    format fs=fat32 quick
    active
    assign
    list volume
    exit
  4. Copy the entire contents of the Windows ISO onto the newly created UEFI boot media.

After this, I successfully restarted the PC, using F12 to access the boot menu and could boot from USB (i.e. the flash drive was available in the menu).

Unfortunately, after all that effort, Windows 10 wanted a product key to install (which I didn’t think I had on a PC that came with Windows pre-installed), so I went back to an in-place upgrade using Windows Update.

Installing Windows 10 via Windows Update

It’s been a few years since I regularly built PCs and it seems my desktop skills are a little rusty… since then, I’ve discovered a number of utilities for reading the product key of my Windows installation (which is also stored in the BIOS) – the tool I used is Windows Product Key Finder, available for download from CodePlex.

Short takes: Windows 10 download location; btvstack.exe and Skype

Some more mini-posts glued together as a “short take”…

Windows 10 download location – no need to wait for a notification

As a “Windows Insider” (yeah, right, me and several million others…) I’ve been patiently waiting for the notification icon on my Family PC to tell me that Windows 10 is ready for me to download and install.  I didn’t expect it immediately on July 29th – anyway, I was on holiday last week so I could wait a few days – but I did hope I’d get it over the weekend (especially as I had a new PC to set up for my wife… more on that in a future post).

Well, after tweeting my frustration, I received multiple replies asking me why I didn’t download it directly. It seems you don’t need to wait for a notification icon, just download from the Microsoft website (either for a direct update, or to create media for other PCs). Just take note that this will not work for enterprise editions.

Incidentally (and thanks to Garry Martin for this tip), Rufus is a handy app for creating USB media from an .ISO image.

btvstack.exe wants to use Skype

When I launched Skype yesterday, it told me that btvstack.exe wants to use Skype and presented two options – allow or deny access. How do I know which to chose? What is btvstack.exe? Is it a piece of malware that will start running up huge Skype bills for me? Should I allow it.

Well, Rob Schmuecker (@robschmuecker) has already done the legwork and written a post that tells us “What is BtvStack.exe and why is Skype asking me to allow it?“. If the Skype developers were being a little less cryptic they might have said “Skype wants to use your computer’s Bluetooth radio to connect to a device – is that OK?”. You probably don’t need to allow access but if you use a Bluetooth headset, then maybe you will…

Short takes: refreshing all the fields in a Word document; fixing the spacing after a table in Word

More snippets of info from the last few weeks… this time with a focus on Word…

Refreshing all the fields in a Word 2013 document

I was writing a pretty sizable document recently, with many tens of tables, a few figures and lots of cross references so I wanted to be able to easily update all the fields in one fell swoop. Well, it turns out to be remarkable easy to do, if not immediately obvious, in Word 2013 (and it seems it works for older versions too). Just go to Print Preview and the fields will be updated!  You’ll still need to manually update tables of contents, etc. if you’ve added/removed sections, but all the other fields in the document will be taken care of.

Fixing the spacing after a table in Word

Another challenge I had with my document was that it included a lot of tables, and after each table the following line was too close.  If I included a blank line, it was too big (and anyway, that’s not the right answer); and if I edited the Normal style then it would affect the rest of the document.

I found some suggestions in a post from Allen Wyatt. The first was to amend the table positioning and set top and bottom spacing but that involves letting text flow around the table (and potentially tables floating off around the document in the same way as so many pictures do…). The simpler approach was to create a new style, based on Normal, called After Table, which has the appropriate paragraph spacing set. No more ghastly gaps and dodgy new lines – instead I just use the After Table style on the paragraph immediately after each table.